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FIG. 2 A 

procedure 200 for the Telco 

i 

Telco will define and retain the security in step 202. 

i 

• MODLIOPT is executed in step 202a ; 

• Type the old key — ^ Type old key value step 202b 

• <xxxxxxxxxxxx><CR> 

\ 

• Type the New Key — ^ Type new key value step 202c 

• <xxxxxxxxxxxx><CR> 

\ 

• Retype the New Key — ^ Retype new key value step 202d 

• <xxxxxxxxxxxx><CR> 

\ 

In step 202e the encrypted portion is Locked. 

In step 204, the Telco unlock the Security Lock. 

• MODLIOPT :L0CK=0FF ; 

Telco Types the Security Key in step 204a 

• <xxxxxxxxxxxx><CR> 

\ 

• Unlocked Type the key value in 204b 
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FIG. 2B 

In step 206 the Telco unlocks the Security Lock after loading the COPYGEN. 

\ 

• MODLIOPT:L0CK=OFF ; 

Type the Security Key in step 206a 

• <xxxxxxxxxxxx><CR> J 

Unlocked — ^ Type the key value in step 20Gb 

* 

In step 208 the Telco displays the Lock Status. 

• DISPLIOPT; ^ 

Locked is displayed — ^ if the Security Lock is locked 

message is displayed in step 208a 

\ 

Unlocked is displayed — »» if the Security Lock is unlocked 

message is displayed in step 208b 

\ 

Of course, other parameters that are administered using the M0DLI0PT command may 
be displayed when DISPLIOPT is executed. 
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FIG. 2C 

an emergency procedure provided for the invention in step 210. 

\ 

The vendor performs an upgrade 210a 

\ 

authorized personnel are allowed to reset the Security Key to a new value in step 210b 

\ 

using the default key as the old value in step 210c. 

\ 

After the Security Key is reset, the authorized personnel enters the surveillance data 
in step 210d based on backup records, such as from paper or an equivalent recording 
method. 

\ 

Telco unlocks the Security Lock in step 212 

1 

• M0DLI0PT:L0CK=0FF, » 
Type the Security Key in step 212a 

• <xxxxxxxxxxxx><CR> J 

Unlocked — ^ Type the key value in step 212b 

\ 

Telco may like to make it a practice in their operation procedure to define the 
Security Key to a new value after a new APS is loaded onto the switch in 212c. 
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FIG. 3 A 



The procedures 300 for the vendor are also provided by the invention as shown in 
Figure 3. J 

APS Upgrade Procedures for the vendor will now be explained in step 302. 

For the first upgrade, there may be no surveillance information present as indicated by 
step 302a. J 

In this case, the vendor informs the Telco to define a new Security Key using the 
default key as the old key value instep 302b. 

\ 

The vendor informs the Telco to unlock the Security Lock using the Security Key value 
in step 302c 

allow their authorized personnel in step 302d to execute the display commands that 
cause the data to be displayed. These commands may be. for example. CALEA specific 
MML commands. 
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FIG. 3B 



In the case that the Vendor provides the security features in step 304, 

* 

the vendor informs the Telco in step 304a that the Security Key cannot be lost and 
cannot be made public. | 

The Telco is further advised that the Security Key should not be disclosed to even the 
vendor in step 304b. J 

The vendor informs the Telco that the only way to recover a lost Security Key is to re- 
perform the upgrade in step 304c. 

\ 

In one aspect, the re-upgrade is done without the REGENerated commands. The Telco 
then defines a new Security Key in step 304d using the default key as the old value and 
enters the surveillance data based on records. 

\ 

In step 30G, the vendor advisee the Telco to unlock the Security Lock after reloading a 
COPYGEN. 



2003P04328US01 

in 

FIG. 3C 



In step 308, the Upgrade Procedures from the vendor side 

I 

sequence number of the command is noted in step 30Ba and to be supplied to the 
Telco. | 

The Telco then executes in step 308b the DISPEACMD command to decrypt the MML 
commands for execution. J 

IN step 308c, the encrypted CALEA specific MML commands from the log file are 
executed in the order they are entered into the log-file. 



